package com.joinway.framework.support.security.validator;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.aspectj.lang.ProceedingJoinPoint;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.joinway.framework.bean.exception.ValidationException;
import com.joinway.framework.core.utils.FrameworkHelper;

public abstract class SessionPermissionValidator implements IPermissionValidator {

	private final static Logger log = LoggerFactory.getLogger(SessionPermissionValidator.class);
	
	protected abstract String getSessionKey();
	protected abstract String getSessionExpiredCode();
	
	@Override
	public void validate(ProceedingJoinPoint point) throws ValidationException {
		HttpServletRequest request = FrameworkHelper.getHttpServletRequest();
		
		if(request == null){
			log.warn("failed to get request object when checking session permission");
			return;
		}
		
		HttpSession session = request.getSession();
		if(session.getAttribute(getSessionKey()) == null){
			throw new ValidationException(getSessionExpiredCode(), getSessionExpiredMessage());
		}
	}

	protected String getSessionExpiredMessage(){
		return "登录超时";
	}

}
